9 December 2015,
Comments Comments Off on December’s Patch Tuesday addresses a number of critical security flaws for Windows

December’s Patch Tuesday addresses a number of critical security flaws for Windows

Depending on your location and time zone you might just be receiving the monthly Patch Tuesday updates for your Windows machines. And inside are patches for dozens of vulnerabilities so you should do the right thing and update.

Much as the company does every month, Microsoft has released a number of critical security patches for its operating systems, as well as updates to security certificates and a bunch of important improvements. Here are some of the important vulnerabilities addressed:

MS15-128 addresses a problem with the way some programs use graphics memory that could allow attackers to install programs, access data and get full user rights on an affected machine. The issue was present on all versions of Windows since Vista, as well as in some Office, Skype for Business and Lync clients.

MS15-124 affected Internet Explorer and allowed attackers to gain control of a machine if they tricked users to browse to a maliciously crafted website.

Other vulnerabilities that were fixed are related to Edge, Microsoft’s new browser, as well as to the unsafe Xbox Live certificate, whose private key had been compromised. There are also a bunch of other important and critical updates for machines running Windows 7, Office 2007 and Windows Server 2008.

All in all this is a pretty important security update package and as usual, our strong recommendation is you install the patches as soon as possible.